Archives

VPN and Secure Remote Access

""   Overview and Key Features:

Members of the University community must secure their access to sensitive systems and protect themselves when connecting from remote locations, such as while traveling or working from home. Virtual Private Networks (VPNs) allow a user to route their computer’s internet traffic through a specific network while not directly connected to it. U of T offers two VPN tools for different purposes:

  • UTORvpn: A general remote access VPN that protects connections and allows users to connect to the campus wireless network remotely.
  • AdminVPN: Allows the owners of administrative and academic systems, as well as department administrators, to enforce strong authentication and secure connections.

   

Help - Free computer icons   Getting started

  1. Download Cisco Secure Client (for desktop) or the Cisco Secure Client app (for Android/iOS). Cisco Secure Client was previously known as “Cisco AnyConnect Secure Mobility Client”.
  • Installation instructions for Secure Client can be found below.
  1. Open Cisco Secure Client.
  2. From the dropdown menu, enter or select “general.vpn.utoronto.ca” and click Connect.
  3. An authentication window will open. Enter your UTORid and password, then cick OK.
  4. Your computer will notify you that it is now connected to UTORvpn.

For detailed connection walkthroughs, see the Enterprise Service Centre (ESC) Knowledge Base:

 

Installing the VPN client

You must have an administrator account to install Cisco Secure Client on desktop. If you are using a U of T-managed workstation, contact your local IT help desk to have them install the software for you.

Installing on Windows

  1. Navigate to your Downloads folder and run the Cisco Secure Client .msi
  2. Agree to the licence agreement and the installation will complete.

Installing on Mac

  1. Navigate to your Downloads folder
  2. Double-click on the Cisco Secure Client .pkg file to start the installer.
  3. Click Continue and accept the license agreement.
  4. Uncheck all modules except VPN. Click Continue.

 

Installing on Linux (Ubuntu)

  1. Navigate to your Downloads folder and extract the Cisco Secure Client gz file to a directory.
  2. Navigate to the VPN directory under the extracted directory. Right-click and choose Open In Terminal.
  3. Run the command: sudo bash vpn_install.sh. Enter your password when prompted.
  4. Agree to the license agreement and the installation will complete.

 

Backup Services (UTORrecover)

""   Overview and Key Features:

UTORrecover is the professionally managed backup solution provided by  the Hardware Infrastructure Group (HIG) in Enterprise Infrastructure Solutions (EIS) in Information Technology Services (ITS).

Services

  • Institutional Backup and Restore

Features:

  • Daily Backups with Flexible Scheduling: UTORrecover performs daily backups scheduled to run between 6 p.m. and 7 a.m. Full backups are done once per month with incremental backups thereafter. Other schedules are available upon request, providing flexibility to meet different backup needs
  • Wide Compatibility with Operating Systems: UTORrecover supports a variety of operating systems including Windows, Solaris, Linux, Netware, MacOS X, and many others. This broad compatibility ensures that most systems within the University can be backed up without issue.
  • Parallel Backups: The ability to back up multiple systems and multiple disks on a single system in parallel significantly reduces the overall time required to complete backups, enhancing efficiency and minimizing downtime
  • File, Directory, Partition, and Disk-Level Backups and Restores: UTORrecover supports comprehensive backup and restore options at various levels, including file, directory, partition, and disk. This flexibility allows for tailored backup strategies to meet specific data protection requirements
  • Local Administrator Recovery Initiation: Local administrators have the capability to initiate recoveries, providing autonomy and quick access to restore data when needed. This feature is crucial for timely data recovery and minimizing disruptions

   

Help - Free computer icons   Getting Started:

Interested in this service? Contact us: backups@eis.utoronto.ca

Backups via UTORrecover are available to any University of Toronto department or faculty. Other than the requirement that the client system be on the University’s network, there are virtually no restrictions on the type of hardware, operating system or total amount of data to be backed up.

 

Question mark - Free communications icons   Get Help:

Contact: backups@eis.utoronto.ca

Endpoint Protection Service (SentinelOne)

Product overview - Free business icons   Overview and Key Features:

Only IT administrators or divisional leads may request this service on behalf of their units. Individual users should contact their local IT administrator for help with service requests.

Advanced endpoint protection provides next-generation anti-virus protection for university-owned user devices and servers. It gives units delegated access to manage their endpoints, including visibility on security alerts generated by the endpoint solution. This service enables quick detection of and response to attacks and device compromises.

This service is institutionally funded and comes at no cost to units for level 1 support.

 

Help - Free computer icons   Getting Started:

   

Question mark - Free communications icons   Get Help:

To request support, as a unit administrator:

To request support, as an end user:

Research Cyber Security Consultation

Product overview - Free business icons   Overview and Key Features:

Research cyber security consultations are virtual (or, if required, in person) meetings between RISP and researchers, research-supporting staff, project teams or students. During a consultation, RISP will answer your security questions/concerns and provide you with current guidance based on the University of Toronto’s policies, standards, procedures and guidelines, as well as general cyber security best practices.

 

Help - Free computer icons   Getting Started:

Open an Enterprise Service Centre ticket to contact the Research Information Security Program.

 

Question mark - Free communications icons   Get Help:

Cyber and Data Security

Geopolitical and collaboration risk

Resources

Privacy Impact Assessment

Product overview - Free business icons Overview and Key Features:

The Privacy Impact Assessment (PIA) service allows users of information technology to assess the impacts and risks related to the use of personal information for staff, faculty and students. PIAs are done as part of vendor and application reviews to identify privacy and compliance risks. However, it is recommended that any changes to data flows to existing processes also undergo PIAs to avoid non-compliance with FIPPA requirements.

 

Help - Free computer icons   Getting Started:

   

Question mark - Free communications iconsGet Help:

Privacy policy guidance

Freedom of Information and Protection of Privacy (FIPP) Office

Contact the Security team with questions at security@utoronto.ca

Identity and Authentication Services

""   Overview and Key Features:

The University of Toronto’s central IT team manages and supports core Microsoft 365 infrastructure services to enable secure, seamless and efficient collaboration across the institution. As part of this service, we oversee daily operations related to identity management (Entra ID), email services (UTMail+) and authentication and access controls.

These services are foundational to supporting students, faculty and staff with access to Microsoft 365 applications including Exchange Online, SharePoint, Teams, and more.

Entra ID:

  • Identity lifecycle management for all users and groups
  • Microsoft 365 administrative role assignments and governance
  • Directory synchronization and federated identity configuration
  • Integration of third-party and in-house applications with the Microsoft 365 tenant

UTMail+ Email Services:

  • Management of mailbox operations for faculty, staff, and students
  • Email authentication configuration (SPF, DKIM, DMARC)
  • Handling eDiscovery, retention policies, and litigation hold
  • Anti-spam and anti-phishing rule management
  • Troubleshooting mailbox issues and delivery concerns

Authentication & Security Controls:

  • Management of Multi-Factor Authentication (MFA) policies
  • Privileged Identity Management (PIM) setup and role elevation
  • Conditional Access policies to protect University data and systems

 

""   Getting Started:

If you need assistance with any of the services listed above, please submit a ticket through the Enterprise Service Centre (ESC)

  •  Ticket Review and Fulfillment
    Our team will review the request, triage as needed and work with your department to address the issue or complete the requested task.
  •  Follow-Up or Escalation
    For complex or unresolved issues, further assistance will be coordinated with specialized support teams or vendor engagement if required.

 

""   Get Help:

If you’re looking to get started or have any questions or concerns, we recommend beginning by reviewing the relevant resources:

Password Management Service

,

""Overview and Key Features:

1Password is a cloud-based, cross-platform password management solution that allows users to organize and store all passwords in one secure place.

Password re-use (using the same password across multiple accounts) is a significant contributor to data breaches, as stolen credentials can be exploited to gain unauthorized access to other accounts. To address this vulnerability, the University of Toronto has acquired 5,000 1Password Business licenses for staff, faculty and librarians and six years of 1Password Families at no cost for students.

""Getting Started:

To set up your 1Password account, visit:

"" Get Help:

For more information and FAQs, visit the password manager page.

Directory and Authentication Services

""   Overview and Key Features:

Enterprise Active Directory (EAD) is a platform that provides authorization, roles and group services. It is a central database containing users’ information that is used for authentication and authorization. EAD is integrated into almost all major computing systems in the University and provides access to services such as Office 365.

There is no specific front-end usage of EAD. What it does remains transparent while it authenticates and authorizes you to access services – no action is needed from users. For additional information about EAD, see the Enterprise Service Centre Knowledge Base.

""   Getting Started:

There are over 65 separate instances of active directories within U of T. If you are managing one of these instances and would like to integrate with EAD, please submit a ticket through the Enterprise Service Centre to discuss your application.

""   Get Help:

EAD is managed and maintained by the Identity and Access Management (IAM) team. To contact IAM about EAD, please create a ticket through the Enterprise Service Centre.

There is a mailing list for EAD, which is used to send messages about the bi-monthly update meeting. To subscribe, send an email containing “SUBSCRIBE ENTERPRISEAD-L” in the message body to listserv@listserv.utoronto.ca.

Incident Response

Product overview - Free business icons   Overview and Key Features:

The incident response service monitors and responds to notifications of compromised U of T accounts, potentially compromised systems and phishing or other malicious emails to help protect the University’s community members, data and devices.

Depending on the scale of the information security incident, the Incident Response team can provide advice or full management of incidents from start to finish.

 

Help - Free computer icons   Getting Started:

Low severity incidents:

For low severity incidents, such as a compromised account or clicking a link in a phishing email, contact security.response@utoronto.ca.

Medium to critical severity incidents:

For information about medium to critical severity incidents, refer to the Incident Response Plan. If you are experiencing a medium to critical severity incident, complete the incident intake form.

 

Question mark - Free communications icons   Get Help:

Those involved in responding to information security incidents at the University should refer to the incident response tools and resources and the Incident Response Plan for guidance.

For incident response inquiries, contact security.response@utoronto.ca.

 

Information Risk Assessment

   ""   Overview and Key Features:

The information risk assessment is a systematic evaluation process designed to identify, analyze and manage potential risks associated with projects and vendors (applications, hardware, service providers or any other vendors where data collection, storage or transfer may be involved). Regular risk assessments allow organizations to stay ahead of potential vulnerabilities, ensuring that the mitigation, avoidance, acceptance or transfer of identified risks remains effective over time.

This assessment is a proactive measure to enhance information security practices and maintain a resilient and secure environment at U of T. It is a valuable tool for those involved in projects and vendor relationships, such as project teams, departments and vendors engaged with the University, and it promotes a culture of risk-aware decision-making and continuous improvement.

 

Help - Free computer icons   Getting Started:

  

""   Get Help:

Explore the handbook to get actionable steps and helpful information for your cyber security questions and requirements. This handbook is a trusted resource created by the Information Security team for the U of T community.